我想知道以下HTML和Javascript中的数组如何存储在Mysql数据库中,每个字段都添加到MYSQL数据库中的以下列:title,category,pdfname(从以下列发送的文件的名称) HTML)和HTML中的文件存储在名为" pdffile"的目录中。在服务器上对于Javascript添加的每个记录集。
以下是JAVASCRIPT代码:
<SCRIPT language="javascript">
function addRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
if(rowCount < 10){ // limit the user from creating fields more than your limits
var row = table.insertRow(rowCount);
var colCount = table.rows[0].cells.length;
for(var i=0; i <colCount; i++) {
var newcell = row.insertCell(i);
newcell.innerHTML = table.rows[0].cells[i].innerHTML;
}
}else{
alert("Maximum Number of Books is 10");
}
}
function deleteRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
for(var i=0; i<rowCount; i++) {
var row = table.rows[i];
var chkbox = row.cells[0].childNodes[0];
if(null != chkbox && true == chkbox.checked) {
if(rowCount <= 1) { // limit the user from removing all the fields
alert("Cannot Remove all the Books.");
break;
}
table.deleteRow(i);
rowCount--;
i--;
}
}
}
</SCRIPT></HEAD>
<div style="border:auto solid 1px; font-size:15px; background-color:red; width:100%;">
<form action="" enctype="multipart/form-data" id="pdf_form" method="post" name="pdf_form">
<table id="dataTable" class="form" border="1">
<tbody>
<p>
<td >
<input type="checkbox" name="chk[]" checked="checked" />
</td>
<td>
<label for="title">Title of PDF</label>
<input type="text" id="title" name="title[]">
<td>
<label for="pdffile">PDF supported. 2MB Maximum)</label>
<input type="file" id="pdffile" name="pdffile[]">
</td>
<td>
<label for="category">Category</label>
<select id="category" name="category[]">
<option>Science</option>
<option>Technology</option>
<option>Biblical</option>
<option>Business</option>
<option>Medical</option>
<option>Engineering</option>
<option>World</option>
</select>
</td>
</p>
</tr>
</tbody>
</table>
<p>
<input type="button" value="Add PDF" onClick="addRow('dataTable')" />
<input id="button" name="submit" type="submit" value="Save PDF(s)" />
<p>(All actions apply only to entries with check marked check boxes only.)</p>
</p>
</form>
</div>
//PHP for Upload
<?php
error_reporting(E_ALL);
include("session.php");
session_start();
if($_SERVER["REQUEST_METHOD"] == "POST") {
$pdffile = $_FILES['pdffile']['name'];
$pdffile_name = $_POST['pdffile'];
// Get text
$pdffile_name = mysqli_real_escape_string($con, $_POST['pdffile_name']);
// image file directory
$target = "books/".basename($pdfstore);
$item_title = $_POST['title'];
$item_category = $_POST['category'];
$item_pdfname_name = $_POST['pdfname_name'];
foreach ($_FILES as $pdfname)
if (move_uploaded_files($pdffile['tmp_name'], 'pdfstorage/' . $file['pdffile']))
for($count = 0; $count<count($item_title); $count++){
$title = mysqli_real_escape_string($con,$item_title[$count]);
$category = mysqli_real_escape_string($con,$item_category[$count]);
$pdfname = mysqli_real_escape_string($con, $item_pdfname[$count]);
{
$sql = "INSERT INTO pdftable (title, category, pdfname) VALUES('$title', '$category', '$pdfname')";
}
if (move_uploaded_file($_FILES['pdffile']['tmp_name'], $target));
if ($con->query($sql) === TRUE) {
echo "<div style='border:auto solid 1px; font-size:15px; color:green; background-color:auto; width:100%;'> PDF with Title $title Added Successfully. </div>";
}
else {
echo "Error: " . $sql . "<br>" . $con->error;
};
};
};
?>
每次,字段&#34;类别[]&#34;和&#34;标题[]&#34;被添加到数据库中,但是,文件不会被移动到&#34; pdfstorage&#34;服务器上的文件夹和文件名未添加到数据库中。我需要MYSQL代码才能成功地将文件和字段添加到数据库中。将不胜感激。
感谢。
答案 0 :(得分:0)
这是一些有效的PHP代码。请注意,您的代码存在很多安全问题。使用原始的$ _POST数据,不验证用户输入,过滤用户输入...参见预备语句和绑定w / mysqli。例如,您需要确保PDF确实是PDF文件。
以下是文件上传部分的一些工作代码。我注释掉了数据库查询和转义字符串调用。我不想设置数据库。我正在使用上传目录($ target)“html”vs book / ...进行测试。我删除了包含的session.php调用,因为我不想创建该文件。有几个地方你想调整我的代码。我也打开了display_errors。希望这可以帮助。我的html也没有缩进,因为我正在争先恐后地向你提供一些东西。我也删除了一些不需要的分号。
<html>
<head>
<SCRIPT language="javascript">
function addRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
if(rowCount < 10){ // limit the user from creating fields more than your limits
var row = table.insertRow(rowCount);
var colCount = table.rows[0].cells.length;
for(var i=0; i <colCount; i++) {
var newcell = row.insertCell(i);
newcell.innerHTML = table.rows[0].cells[i].innerHTML;
}
}else{
alert("Maximum Number of Books is 10");
}
}
function deleteRow(tableID) {
var table = document.getElementById(tableID);
var rowCount = table.rows.length;
for(var i=0; i<rowCount; i++) {
var row = table.rows[i];
var chkbox = row.cells[0].childNodes[0];
if(null != chkbox && true == chkbox.checked) {
if(rowCount <= 1) { // limit the user from removing all the fields
alert("Cannot Remove all the Books.");
break;
}
table.deleteRow(i);
rowCount--;
i--;
}
}
}
</SCRIPT>
</head>
<body>
<div style="border:auto solid 1px; font-size:15px; background-color:red; width:100%;">
<form action="./test.php" enctype="multipart/form-data" id="pdf_form" method="post" name="pdf_form">
<table id="dataTable" class="form" border="1">
<tbody>
<p>
<td >
<input type="checkbox" name="chk[]" checked="checked" />
</td>
<td>
<label for="title">Title of PDF</label>
<input type="text" id="title" name="title[]">
<td>
<label for="pdffile">PDF supported. 2MB Maximum)</label>
<input type="file" id="pdffile" name="pdffile[]">
</td>
<td>
<label for="category">Category</label>
<select id="category" name="category[]">
<option value="Science">Science</option>
<option value="Technology">Technology</option>
</select>
</td>
</p>
</tr>
</tbody>
</table>
<p>
<input type="button" value="Add PDF" onClick="addRow('dataTable')" />
<input id="button" name="submit" type="submit" value="Save PDF(s)" />
<p>(All actions apply only to entries with check marked check boxes only.)</p>
</p>
</form>
</div>
</td>
</p>
</tbody>
</table>
</form>
</div>
</body>
</html>
<?php
ini_set('display_errors', 'On');
error_reporting(E_ALL);
session_start();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
// image file directory
$target = __DIR__."/html/";
foreach ($_FILES as $pdfname) {
for ($count = 0; $count < count($_FILES['pdffile']['tmp_name']); $count++) {
$item_title = $_POST['title'][$count];
$item_category = $_POST['category'][$count];
$pdffile = $_FILES['pdffile']['name'][$count];
if (move_uploaded_file($_FILES['pdffile']['tmp_name'][$count], $target.$pdffile)) {
// Whatever you were going to do here....
}
//$sql = "INSERT INTO pdftable (title, category, pdfname) VALUES('$title', '$category', '$pdfname')";
//$title = mysqli_real_escape_string($con, $item_title);
//$category = mysqli_real_escape_string($con, $item_category);
//$pdfname = mysqli_real_escape_string($con, $pdffile);
//$pdffile_name = mysqli_real_escape_string($con, $_POST['title'][$count]);
/**if ($con->query($sql) === true) {
echo "<div style='border:auto solid 1px; font-size:15px; color:green; background-color:auto; width:100%;'> PDF with Title $title Added Successfully. </div>";
} else {
echo "Error: " . $sql . "<br>" . $con->error;
};**/
}
}
}